[compiler-rt] [sanitizer] Disallow external_symbolizer_path with AT_SECURE (PR #92611)

[Florian Mayer via llvm-commits]

https://github.com/fmayer created https://github.com/llvm/llvm-project/pull/92611

None

>From 34c1fe34b022afa8c8059f6558a92fdadefefc7d Mon Sep 17 00:00:00 2001
From: Florian Mayer <fmayer at google.com>
Date: Fri, 17 May 2024 15:14:07 -0700
Subject: [PATCH] =?UTF-8?q?[=F0=9D=98=80=F0=9D=97=BD=F0=9D=97=BF]=20initia?=
 =?UTF-8?q?l=20version?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Created using spr 1.3.4
---
 .../sanitizer_symbolizer_posix_libcdep.cpp               | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/compiler-rt/lib/sanitizer_common/sanitizer_symbolizer_posix_libcdep.cpp b/compiler-rt/lib/sanitizer_common/sanitizer_symbolizer_posix_libcdep.cpp
index 0ddc24802d216..68d51dd1cb9b7 100644
--- a/compiler-rt/lib/sanitizer_common/sanitizer_symbolizer_posix_libcdep.cpp
+++ b/compiler-rt/lib/sanitizer_common/sanitizer_symbolizer_posix_libcdep.cpp
@@ -25,6 +25,7 @@
 #  include "sanitizer_common.h"
 #  include "sanitizer_file.h"
 #  include "sanitizer_flags.h"
+#  include "sanitizer_getauxval.h"
 #  include "sanitizer_internal_defs.h"
 #  include "sanitizer_linux.h"
 #  include "sanitizer_placement_new.h"
@@ -408,7 +409,13 @@ const char *Symbolizer::PlatformDemangle(const char *name) {
 
 static SymbolizerTool *ChooseExternalSymbolizer(LowLevelAllocator *allocator) {
   const char *path = common_flags()->external_symbolizer_path;
-
+  // This is so we can use the weak definition from sanitizer_getauxval.h
+  if (&getauxval && getauxval(/* AT_SECURE */ 23) != 0) {
+    Report(
+        "ERROR: external_symbolizer_path cannot be used for AT_SECURE "
+        "(e.g. setuid binaries).\n");
+    Die();
+  }
   if (path && internal_strchr(path, '%')) {
     char *new_path = (char *)InternalAlloc(kMaxPathLength);
     SubstituteForFlagValue(path, new_path, kMaxPathLength);